Trojan-Ransom[.]Win32[.]Agent[.]hsf-988b6cd98e78a5d38028b67c437488b814579ab1da6fafb0cdade5c8a2ad7fab | Triage

Submit
Reports

Overview

overview

Static

static

Trojan-Ran...nt.exe

windows7-x64

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsf-988b6cd98e78a5d38028b67c437488b814579ab1da6fafb0cdade5c8a2ad7fab
Size

111KB
MD5

788e96bc4bfe8f4a4ade2ee8c030c273
SHA1

8a405a3a3d2f2668a5cd57d6a20e9346f73e6097
SHA256

988b6cd98e78a5d38028b67c437488b814579ab1da6fafb0cdade5c8a2ad7fab
SHA512

87b05140eeeeb4265b85fd611d061f861e0e14088d113e1ddfa541ca18130e6af5dc96b717bab37869784aba862d432ddc423a1a5b2563471078e3574b02625d
SSDEEP

3072:Qbm35pPPmLcPyk4Q9WYQRsSvLW1ciPFZ6/fxz8O:BzP8I9zOvq1ciPLGfuO

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsf-988b6cd98e78a5d38028b67c437488b814579ab1da6fafb0cdade5c8a2ad7fab
.exe windows x86

b986a30ca5c6306fdea8feef269d95b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
CreateDirectoryA
WriteConsoleA
GetVersion
HeapFree
ResetEvent
FindAtomA
SetEvent
GetFileType
VirtualProtectEx
GetCommandLineA
ExitThread
CreateSemaphoreW
SetVolumeLabelW
IsBadCodePtr
GetDriveTypeW
CreateMailslotA
FindClose
WriteFile
RemoveDirectoryA
SetStdHandle
GetModuleHandleA
ReleaseMutex
GetSystemTime
RemoveDirectoryA

uxtheme

IsThemeActive
OpenThemeData
GetThemeSysSize
CloseThemeData
GetThemeColor
DrawThemeEdge
GetWindowTheme
GetThemeRect
GetThemeTextExtent
SetWindowTheme
GetThemeTextMetrics
DrawThemeBackground
CloseThemeData

pstorsvc

Start
Start
Start
Start

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy